Summary
| Detail | |||
|---|---|---|---|
| Vendor | Synology | First view | 2018-03-06 |
| Product | Virtual Diskstation Manager | Last view | 2018-03-06 |
| Version | - | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:synology:virtual_diskstation_manager | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2018-03-06 | CVE-2018-7185 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. |
| 7.5 | 2018-03-06 | CVE-2018-7184 | ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704. |
| 5.3 | 2018-03-06 | CVE-2018-7170 | ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-05-22 | Multiple Vendors NTP zero-origin timestamp denial of service attempt RuleID : 46387 - Type : SERVER-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-e585e25b72.nasl - Type: ACT_GATHER_INFO |
| 2018-09-20 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1083.nasl - Type: ACT_GATHER_INFO |
| 2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-1_0-0167.nasl - Type: ACT_GATHER_INFO |
| 2018-05-29 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201805-12.nasl - Type: ACT_GATHER_INFO |
| 2018-05-11 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1009.nasl - Type: ACT_GATHER_INFO |
| 2018-05-11 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1009.nasl - Type: ACT_GATHER_INFO |
| 2018-03-09 | Name: The remote NTP server is affected by multiple vulnerabilities. File: ntp_4_2_8p11.nasl - Type: ACT_GATHER_INFO |
| 2018-03-02 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-060-02.nasl - Type: ACT_GATHER_INFO |
| 2018-02-28 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_af485ef41c5811e88477d05099c0ae8c.nasl - Type: ACT_GATHER_INFO |
